Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/xzw-iLYE7PjgPRA3s0J5ta4vgGk.roa
File: xzw-iLYE7PjgPRA3s0J5ta4vgGk.roa (raw, json)
Hash identifier: 8fNNUayk9xaDv3BqHb5aWmhN0EnRv3IhyFiUJxPH5r0=
Subject key identifier: C7:3C:3E:88:B6:04:EC:F8:E0:3D:10:37:B3:42:79:B5:AE:2F:80:69
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019A24827DEB00361F972D2074DDE7AA496B
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/xzw-iLYE7PjgPRA3s0J5ta4vgGk.roa
Signing time: Mon 27 Oct 2025 07:12:03 +0000
ROA not before: Mon 27 Oct 2025 07:12:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 144.56.7.0/24 maxlen: 24
144.56.13.0/24 maxlen: 24
144.56.17.0/24 maxlen: 24
144.56.24.0/24 maxlen: 24
144.56.27.0/24 maxlen: 24
144.56.29.0/24 maxlen: 24
144.56.33.0/24 maxlen: 24
144.56.34.0/24 maxlen: 24
144.56.71.0/24 maxlen: 24
144.56.94.0/24 maxlen: 24
144.56.95.0/24 maxlen: 24
144.56.97.0/24 maxlen: 24
144.56.102.0/24 maxlen: 24
144.56.125.0/24 maxlen: 24
144.56.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 20:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:82:7d:eb:00:36:1f:97:2d:20:74:dd:e7:aa:49:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Oct 27 07:12:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c73c3e88b604ecf8e03d1037b34279b5ae2f8069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f8:11:a5:e6:35:bf:10:97:02:57:e5:35:ff:
4e:66:11:8c:3c:f7:34:70:a8:d6:69:f4:ad:18:fe:
bd:c2:3a:f9:ac:96:fa:81:92:6b:75:af:37:97:79:
ad:05:bc:98:e1:82:e1:62:c6:ea:2e:07:79:c0:1e:
4e:11:98:2e:84:47:52:ad:8c:f4:5a:71:50:6a:22:
7c:f1:b9:b7:13:c1:a8:57:eb:fc:57:d5:2a:6d:e9:
89:a6:b2:01:e5:bc:73:0d:64:00:91:66:5b:ce:db:
91:08:64:05:36:9d:68:28:cb:de:7f:f4:a7:b9:77:
45:68:52:e7:d4:c6:e2:9d:8f:fa:de:ef:02:36:b9:
a1:ea:bb:5c:f0:92:36:98:b9:08:74:87:80:05:77:
65:4c:de:a2:11:5d:c1:0c:13:2f:14:b0:70:21:4b:
0b:b2:e0:47:3d:ef:78:4e:41:3a:f4:23:05:04:42:
61:db:cb:44:4f:e8:e3:09:92:a2:16:8f:82:6e:2d:
e3:e0:a5:16:c8:06:3e:86:6f:79:fc:1f:5d:3f:b4:
6b:52:3d:a0:66:d2:1d:0a:2a:68:0e:ab:37:23:76:
81:e8:2f:ba:12:1e:1c:d5:d7:6e:07:c4:2f:56:de:
42:cb:38:71:ef:8a:42:df:65:52:6e:57:4f:8e:04:
cd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:3C:3E:88:B6:04:EC:F8:E0:3D:10:37:B3:42:79:B5:AE:2F:80:69
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/xzw-iLYE7PjgPRA3s0J5ta4vgGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.7.0/24
144.56.13.0/24
144.56.17.0/24
144.56.24.0/24
144.56.27.0/24
144.56.29.0/24
144.56.33.0-144.56.34.255
144.56.71.0/24
144.56.94.0/23
144.56.97.0/24
144.56.102.0/24
144.56.125.0/24
144.56.129.0/24
Signature Algorithm: sha256WithRSAEncryption
42:db:93:fa:ce:90:3c:83:47:4e:b8:97:27:ea:b7:df:15:4c:
4c:d7:3d:25:c9:0d:3a:60:e8:0f:c0:44:aa:32:17:d1:1d:a7:
ea:0d:4b:e2:c8:26:fa:2e:3f:cf:2c:ad:23:6d:78:aa:36:a3:
00:b6:cd:d4:db:40:fe:c6:3d:d6:14:93:87:89:5d:f9:f5:66:
db:eb:e8:e8:ce:df:71:24:f0:b3:f1:1c:f3:f7:ec:de:62:e9:
3e:8d:2f:97:40:a0:7a:13:aa:83:15:db:4d:7c:20:9c:60:8a:
fd:b7:ca:d4:64:5c:c6:b5:23:84:20:a8:ec:01:29:b8:8a:56:
c5:b4:ac:ad:b2:46:1c:84:70:97:af:76:f9:16:8a:87:db:f6:
72:42:48:0f:e8:46:3d:1d:23:01:a6:24:3c:08:0d:93:85:52:
0c:30:68:82:5f:ac:74:03:cb:5f:1d:00:8a:97:28:88:93:b2:
1c:de:b9:11:3d:23:d6:2c:3e:a6:68:de:15:36:44:b4:15:59:
de:6c:8e:b3:37:85:81:9e:22:64:bb:ab:2a:47:2f:8e:d8:6a:
a4:98:3b:e3:b8:61:14:9a:96:ae:fe:6d:5d:1e:54:4a:58:a2:
93:99:bf:26:94:8d:6c:80:a1:9c:48:76:5e:81:82:23:c2:d8:
b1:27:bd:b0
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZokgn3rADYfly0gdN3nqklrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUxMDI3MDcxMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzNjM2U4OGI2MDRlY2Y4ZTAzZDEwMzdiMzQyNzliNWFlMmY4MDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfgRpeY1vxCXAlflNf9OZhGMPPc0
cKjWafStGP69wjr5rJb6gZJrda83l3mtBbyY4YLhYsbqLgd5wB5OEZguhEdSrYz0
WnFQaiJ88bm3E8GoV+v8V9UqbemJprIB5bxzDWQAkWZbztuRCGQFNp1oKMvef/Sn
uXdFaFLn1MbinY/63u8CNrmh6rtc8JI2mLkIdIeABXdlTN6iEV3BDBMvFLBwIUsL
suBHPe94TkE69CMFBEJh28tET+jjCZKiFo+Cbi3j4KUWyAY+hm95/B9dP7RrUj2g
ZtIdCipoDqs3I3aB6C+6Eh4c1dduB8QvVt5Cyzhx74pC32VSbldPjgTNzwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFMc8Poi2BOz44D0QN7NCebWuL4BpMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEveHp3LWlMWUU3UGpnUFJBM3MwSjV0YTR2Z0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAkDgHAwQA
kDgNAwQAkDgRAwQAkDgYAwQAkDgbAwQAkDgdMAwDBACQOCEDBACQOCIDBACQOEcD
BAGQOF4DBACQOGEDBACQOGYDBACQOH0DBACQOIEwDQYJKoZIhvcNAQELBQADggEB
AELbk/rOkDyDR064lyfqt98VTEzXPSXJDTpg6A/ARKoyF9Edp+oNS+LIJvouP88s
rSNteKo2owC2zdTbQP7GPdYUk4eJXfn1Ztvr6OjO33Ek8LPxHPP37N5i6T6NL5dA
oHoTqoMV2018IJxgiv23ytRkXMa1I4QgqOwBKbiKVsW0rK2yRhyEcJevdvkWiofb
9nJCSA/oRj0dIwGmJDwIDZOFUgwwaIJfrHQDy18dAIqXKIiTshzeuRE9I9YsPqZo
3hU2RLQVWd5sjrM3hYGeImS7qypHL47YaqSYO+O4YRSalq7+bV0eVEpYopOZvyaU
jWyAoZxIdl6BgiPC2LEnvbA=
-----END CERTIFICATE-----
Generated at Fri Oct 31 05:36:13 2025 by rpki-client